Web Threats To Continue - Security Vendors

Web threats to continue - security vendors

By Asina Pornwasin

The Nation

Vendors of security software have warned that Web threats will continue to plague Internet users.

Increasingly, their concerns focus on the theft of confidential information. This arises from the increasing number of people using the Internet and the likelihood these days that they will share confidential information by instant messenger, e-mail or social-media applications.

Social networking is an extremely important tool for building both personal and professional relationships. While the concerns of most companies about social networking in the office centre around the loss of employee productivity, what they may not realise is that many social-networking sites are built on interactive technologies that give cyber criminals endless opportunities to exploit end users, steal personal identities or business data and corrupt corporate networks with malware.

As more and more people communicate through social networks, the more viable the networks become as distribution platforms for malware. Trying to prevent staff from accessing social networks at work can potentially increase the risk to an organisation because they will look for ways around computer security, possibly increasing the chance of exposure to security threats.

Trend Micro (Thailand)'s country sales manager Rathasiri Kaikeaw said that as the number of people from different countries gaining access to the Internet grew, more and more non-English content was appearing online. The use of multiple languages increases the potential "market" for malware. Attacks in other languages such as Hindi, Chinese, Russian and Portuguese are likely to increase in number.

The increasing use of social networking sites is also likely to give rise to new approaches using old threat methods. Already, social networks are heavily targeted by cyber criminals. For example, Facebook - which has more than 500 million users - was the original target of the Koobface botnet.

Rathasiri said the top issues, when talking about online threats and information security, included cyber criminals formulating more direct and brazen extortion tactics to achieve faster access to cash; social media being used by malware to enter users' "circles of trust"; and cloud computing, which presented new security challenges.

To tackle these threats, Trend Micro will focus on service and support for existing customers by enabling them to be more "self-reliant". Customers will be equipped with ample knowledge through products currently in use,

"We will also focus more on key growth areas - security-related products for servers and datacentres. We will also work closely with key partners on developing customised programs for each of them," Rathasiri said.

Other methods that are playing a key role in combating today's most pervasive threats are heuristic tools - enabling people to learn for themselves - and behavioral and intrusion-prevention technologies.

Symantec (Thailand)'s country manager Pramut Sriwichian said there were many recent anecdotal reports of rogue applications being created for a variety of purposes: some to spread malware, others for financial fraud and some to take advantage of users to send spam.

Phishing attacks are a prime example of a socially engineered threat. Social engineering plays a large role in some recent, very high-profile attacks.

Not only are phishers and malware authors using shortened URLs to set traps for unsuspecting computer users, but shortened URLs are being used as a means to spark life into some older threats. URL-shortening services have become the phisher's best friend, Pramut said, because users often have no idea where a shortened URL is sending them. Phishers are able to disguise links that the average security-conscious user might otherwise think twice about clicking.

"We offer comprehensive protection from network to end-point security. Our target customers rank from large enterprises to small- and medium-sized businesses across all industries. However, the top spenders on security come from the banking, telecom and government sectors, followed by manufacturers and healthcare organisations," Pramut said.

Kaspersky Southeast Asia's channel sales manger Jimmy Fong said the number of social-network users in Thailand was growing fast, leading to increased online threats.

Kaspersky has released its latest Internet security product - Kaspersky Internet Security (KIS) 2011 - with enhanced Internet security to protect against online threats when people are using social networks or using applications over social networks.

He said that after entering the Thai market two years ago, Kaspersky had achieved market leadership in providing Internet security software for consumers. The rapid growth of Internet and social-network users in Thailand increased the opportunity for the company to provide the right product at the right time for a comfortable price.

"We still sell our products in boxes, as most customers in Southeast Asia prefer to buy our products at a shop rather than buying them online. We have been quite successful in expanding our consumer sales because more and more Internet users are aware of cyber security, so they need tools to protect them from threats such as phishing, malware, shortened URLs and their own online behaviour. Our products meet their needs," he said.

-- The Nation 2010-08-31